Re: MDKSA-2000:065 - Linux-Mandrake not affected by dump

[Adam Knight <ahknight () JUMP NET>]

You know, I tried this on Redhat 6.2, two different installs, and got the result
they're saying here.  Perhaps this is only on *some* Redhat installs?  Anyone
have an idea as to what would cause this to fail/succeed?  My copy is certainly
SUID root, but the binary it made was SUID me.

On Thu, 2 Nov 2000, Linux Mandrake Security Team wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> ________________________________________________________________________
>
>                Linux-Mandrake Security Update Advisory
> ________________________________________________________________________
>
> Package name:          dump
> Date:                  November 2nd, 2000
> Advisory ID:           MDKSA-2000:065
>
> Affected versions:     None
> ________________________________________________________________________
>
> Problem Description:
>
> In some instances, if dump is suid root, it can be used to gain root
> access.  Two exploits have been published to prove this.
> ________________________________________________________________________
>
> Linux-Mandrake ships dump suid root, however both exploits do not work
> under Linux-Mandrake.  The end result is a shell that is suid by the
> user attempting the exploit, and not suid root which is the intended
> result.
> ________________________________________________________________________

--
____________________________________________________________________________
Adam Knight                                                ahknight () jump net
MIS Developer                                            http://www.jump.net
______________________________Codito, ergo sum______________________________

 Allen's Axiom:
    When all else fails, read the instructions.